From 4e4dc5e168074f150399dbceff7ea2c617800ca9 Mon Sep 17 00:00:00 2001
From: Abhinav Adduri <abhinadduri@gmail.com>
Date: Mon, 19 Jun 2017 15:51:48 -0700
Subject: [PATCH] added helmet middleware

---
 package.json            | 1 +
 server/portal_server.js | 3 ++-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/package.json b/package.json
index c1bc9ff2..dca5aed4 100644
--- a/package.json
+++ b/package.json
@@ -13,6 +13,7 @@
     "express": "^4.15.3",
     "express-handlebars": "^3.0.0",
     "fs-extra": "^3.0.1",
+    "helmet": "^3.6.1",
     "jquery": "^3.2.1",
     "mozlog": "^2.1.1",
     "node-fetch": "^1.7.1",
diff --git a/server/portal_server.js b/server/portal_server.js
index 03996dc3..52883425 100644
--- a/server/portal_server.js
+++ b/server/portal_server.js
@@ -3,6 +3,7 @@ const exphbs = require('express-handlebars');
 const busboy = require('connect-busboy');
 const path = require('path');
 const bodyParser = require('body-parser');
+const helmet = require('helmet');
 const bytes = require('bytes');
 const conf = require('./config.js');
 const storage = require('./storage.js');
@@ -18,9 +19,9 @@ const app = express();
 app.engine('handlebars', exphbs({ defaultLayout: 'main' }));
 app.set('view engine', 'handlebars');
 
+app.use(helmet());
 app.use(busboy());
 app.use(bodyParser.json());
-
 app.use(express.static(path.join(__dirname, '../public')));
 
 app.get('/', (req, res) => {